Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Actualtests CAS-002 sample question. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.


2026 New CAS-002 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/CAS-002/

P.S. Accurate CAS-002 guidance are available on Google Drive, GET MORE: https://drive.google.com/open?id=1MWxVvRqKw5P-3mL6Zi7QlXk_26ObOJ_y


New CompTIA CAS-002 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?

A. Insider threat

B. Network reconnaissance

C. Physical security

D. Industrial espionage

Answer: C


New Questions 10

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?

A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.

B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.

C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.

D. This information can be found by querying the networku2021s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.

Answer: A


New Questions 11

A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.

Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).

A. Perform unit testing of the binary code

B. Perform code review over a sampling of the front end source code

C. Perform black box penetration testing over the solution

D. Perform grey box penetration testing over the solution

E. Perform static code review over the front end source code

Answer: D,E


New Questions 12

An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit's integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data?

A. SMB

B. NFS

C. FCoE

D. iSCSI

Answer: A


New Questions 13

An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the

MOST heavily invested in rectifying the problem? (Select THREE).

A. Facilities management

B. Human resources

C. Research and development

D. Programming

E. Data center operations

F. Marketing

G. Information technology

Answer: A,E,G


New Questions 14

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

A. Isolate the system on a secure network to limit its contact with other systems

B. Implement an application layer firewall to protect the payroll system interface

C. Monitor the systemu2021s security log for unauthorized access to the payroll application

D. Perform reconciliation of all payroll transactions on a daily basis

Answer: A


New Questions 15

Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?

A. Establish a cloud-based authentication service that supports SAML.

B. Implement a new Diameter authentication server with read-only attestation.

C. Install a read-only Active Directory server in the corporate DMZ for federation.

D. Allow external connections to the existing corporate RADIUS server.

Answer: A


New Questions 16

A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave?

A. Require cloud storage on corporate servers and disable access upon termination

B. Whitelist access to only non-confidential information

C. Utilize an MDM solution with containerization

D. Require that devices not have local storage

Answer: C


New Questions 17

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure?

A. Replicate NAS changes to the tape backups at the other datacenter.

B. Ensure each server has two HBAs connected through two routes to the NAS.

C. Establish deduplication across diverse storage paths.

D. Establish a SAN that replicates between datacenters.

Answer: D


New Questions 18

A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed both on computers and mobile devices. The application designers have asked that the algorithm support the transport encryption with the lowest possible performance overhead. Which of the following recommendations would BEST meet the needs of the application designers? (Select TWO).

A. Use AES in Electronic Codebook mode

B. Use RC4 in Cipher Block Chaining mode

C. Use RC4 with Fixed IV generation

D. Use AES with cipher text padding

E. Use RC4 with a nonce generated IV

F. Use AES in Counter mode

Answer: E,F


Recommend!! Get the Accurate CAS-002 dumps in VCE and PDF From Certleader, Welcome to download: https://www.certleader.com/CAS-002-dumps.html (New 532 Q&As Version)